Archives For Espionage

George Orwell wrote 1984 as a SF book disguising a strong criticism to the tendency of the old Warsaw Pact Countries to spy on their own people. He would have not foreseen that it would have been a pale description of what happens today.

It seems that there are many groups out there, spying on people selected in a very interesting way: it could be very difficult to demonstrate the allegiance of those hackers to specific Governments, but the suspect is strong. For example, very recently a malware targeting Hong Kong protesters has been discovered (see: Malware program targets Hong Kong protesters who use Apple devices).

And it is a known fact that some Governmental Organizations (read: the NSA) spy on and infiltrate foreign Countries, even friendly ones (see: Core Secrets: NSA Saboteurs in China and Germany) and foreign Companies, especially in the telecommunications sector. Their goal is both to collect information and to undermine the ability to protect conversations, by weakening the encryption systems used by them.

The last chapter of this history has been written by iSight Partners, which discovered a vulnerability in Windows – patched yesterday – that has been seen to be used by a Team of Hackers from Russia to attack NATO, the Ukrainian Government, some strategic targets in Europe and an U.S. academic organization (see: iSIGHT discovers zero-day vulnerability CVE-2014-4114 used in Russian cyber-espionage campaign). As in other cases, it is very difficult to identify the sender for those attacks, but the targets and the source of the attacks are suspicious enough.

No doubt about it: we live in a scary time… or full of opportunities, depending on how you look at it.

Disclaimer

The author of this Blog, Simone Curzi, has been a Senior Consultant and Delivery Architect in Microsoft Consulting Services (MCS) Italy for more than 6 years and has spent a total of 15 year as a Consultant in MCS. After having spent 2 years as a Security Premier Field Engineer for Microsoft Proactive Services (CSS), he has recently joined Microsoft Global CyberSecurity Practice (GCP) as Senior Consultant.
Simone is also the Leader of Microsoft Technical Community for Application Security.
The content published here express his own personal opinions only. By any means they do not necessarily reflect Microsoft's assessments or persuasions around Security or any other topic discussed in this Site. Microsoft has not participated directly or indirectly to the preparation of the current Site, for example by providing any resource other than paying for the salary.
The content is based on public information and sanitized experiences: it will not contain Microsoft Internal-Only material nor information traceable to actual Customers, even if someone could occasionally recognize himself or herself.